Mandrake 6.1: ypserv
Posted by LinuxSecurity.com Team   
Mandrake This package fixes several problems:
This package fixes several problems: 

- A bug allowed for all admins on a NIS domain to inject password tables into 
the NIS server.

- A user on a NIS domain could change the login shell and GECOS information 
(real name, etc.) of other users.

- There was a potential buffer overflow in the MD5 hash generation. 

82dfa8f405bbc56ab7baa656fdd8b8d7 ypserv-1.3.9-1mdk.i586.rpm
1f1f2a2f5c5ed7d84a460e446a892a4f ypserv-1.3.9-1mdk.src.rpm